This is an old revision of the document!
Scripting/Automation
In addition to graphical interface, WinSCP offers scripting/console interface with many commands. The commands can be typed in interactively, or read from script file or another source.
- Using Scripting
- Commands
- The Console Interface Tool
- Verifying the Host Key in Script
- Running a Script under a Different Account
- Useful Scripts
Advertisement
Using Scripting
See command-line parameters to learn how to enter the console/scripting mode.
For automation, commands can be read from a script file specified by /script switch, from standard input or passed from the command-line using the /command switch.
By default an interactive mode is used (the user is prompted in the same way as in GUI mode). To switch to a batch mode (all prompts are automatically answered negatively) use the command option batch on. For the batch mode it is recommended to turn off confirmations using option confirm off to allow overwrites (otherwise the overwrite confirmation prompt would be answered negatively, making overwrites impossible).
Multiple sessions can be opened simultaneously. Use the session command to switch between them.
Note that the first connection to an SSH server requires verification of the host key.
WinSCP returns exit code 1, when any command is interrupted due to an error or any prompt is answered Abort (even automatically in batch mode). Otherwise it returns the exit code 0.
Commands
The following commands are implemented:
| Command | Description |
|---|---|
| call | Executes arbitrary remote shell command |
| cd | Changes remote working directory |
| chmod | Changes permissions of remote file |
| close | Closes session |
| exit | Closes all sessions and terminates the program |
| get | Downloads file from remote directory to local directory |
| help | Displays help |
| keepuptodate | Continuously reflects changes in local directory on remote one |
| lcd | Changes local working directory |
| lls | Lists the contents of local directory |
| ln | Creates remote symbolic link |
| lpwd | Prints local working directory |
| ls | Lists the contents of remote directory |
| mkdir | Creates remote directory |
| mv | Moves or renames remote file |
| open | Connects to server |
| option | Sets or shows value of script options |
| put | Uploads file from local directory to remote directory |
| pwd | Prints remote working directory |
| rm | Removes remote file |
| rmdir | Removes remote directory |
| session | Lists connected sessions or selects active session |
| synchronize | Synchronizes remote directory with local one |
Advertisement
The Console Interface Tool
As WinSCP.exe is a GUI application, it cannot inherit the console window when run from another console application (such as the Windows command-prompt). To allow this, run WinSCP using the console interface tool WinSCP.com (you can find WinSCP.com in the main installation package).
With console interface tool you can also use input/output redirection and pipes.
Verifying the Host Key in Script
The first connection to an SSH server requires verification of the host key. To automate the verification in script, you can use command-line parameter hostkey (or switch of open command with the same name) to accept the expected hostkey automatically.
You can find the fingerprint on Server and Protocol Information Dialog.
Running a Script under a Different Account
If you are going to run the script under a different account (for example using the Windows scheduler), note that WinSCP may store its configuration to the user part of Windows Registry by default. So you may need to either transfer the configuration from your account registry to the other account registry or use the INI file instead.
Note that the configuration also includes verified SSH host keys.
#include <inttypes.h> #include <stdio.h> #include <string.h> #include <sys/types.h> #include <unistd.h> #include <openssl/sha.h> #include <openssl/aes.h>
struct {
nsigned char magic[ 4 ]; nsigned char version[ 3 ]; nsigned char encrypted; nsigned char unknownNull[4]; nsigned int sizeOfData; nsigned int footerSignatureOffset; nsigned int footerCertOffset; nsigned int footerCertLen; nsigned char key1[ 32 ]; nsigned char unknownVersion[ 4 ]; nsigned char key2[ 16 ]; nsigned char unknow3[ 1968 ];
} header8900;
char inbuf[ 65536 ]; char outbuf[ 65536 ];
void convert_hex(char *str, uint8_t *bytes, int maxlen) {
Advertisement
int slen = strlen(str); int bytelen = maxlen; int rpos, wpos = 0;
for(rpos = 0; rpos < bytelen; rpos++) {
sscanf(&str[rpos*2], "%02hhx", &bytes[wpos++]);
}
}
void print_hex( char* text, uint8_t* data, uint32_t len ) {
int32_t ctr; har* sep; f( len > 64 ) len = 64; rintf( "%s", text ); or( ctr = 0; ctr < len; ctr++ ) printf( "%02x ", data[ ctr ] ); rintf( "\n" );
}
int main( int argc, char** argv ) {
ILE *infile, *outfile; nt encrypted; ff_t data_begin, data_current, data_end, data_len; ES_KEY ctx, aes_decrypt_key; int8_t aes_key[16];
nsigned char ramdiskKey[32]="188458A6D15034DFE386F23B61D43774"; nsigned char ramdiskiv[1];
nsigned char keybuf[ 16 ]; nsigned char iv[ AES_BLOCK_SIZE ]; f( argc != 3 ) fprintf( stderr, "Usage: %s infile outfile\n", argv[ 0 ] ); return 1;
Advertisement
nfile = fopen( argv[ 1 ], "r" ); f( !infile ) perror( "infile fopen" ); return 1;
utfile = fopen( argv[ 2 ], "w+" ); f( !outfile ) perror( "outfile fopen" ); return 1;
f( sizeof( header8900 ) != fread( &header8900, 1, sizeof( header8900 ), infile ) ) fprintf( stderr, "Can't read header\n" ); return 1;
f( ( header8900.magic[ 0 ] != 0x38 ) && // 8 ( header8900.magic[ 1 ] != 0x39 ) && // 9 ( header8900.magic[ 2 ] != 0x30 ) && // 0 ( header8900.magic[ 3 ] != 0x30 ) ) // 0 fprintf( stderr, "Bad magic\n" ); return 1;
f( header8900.encrypted == 0x03 ) encrypted = 1; lse if( header8900.encrypted = 0x04 ) encrypted = 0;
ata_begin = sizeof( header8900 ); ata_len = header8900.sizeOfData;
rintf( "iPhone 8900 decryptor by PmgR,\n");
rintf( "extended and modified from original file by aljen.\n");
printf( "Thanks to hardware decrypt key found by by dev & elite teams.\n\n");
rintf( "[*] filename \t\t: %s\n", argv[ 1 ] );
rintf( "[*] magic \t\t: %s\n", header8900.magic );
rintf( "[*] version \t\t: %s\n", header8900.version );
rintf( "[*] encrypted \t\t: %d\n", encrypted );
rintf( "[*] start of data \t\t: 0x%02x\n", data_begin );
rintf( "[*] size of data\t\t: 0x%02x\n", header8900.sizeOfData );
rintf( "[*] footer signature offset\t: 0x%02x\n", header8900.footerSignatureOffset );
rintf( "[*] footer certificate offset\t: 0x%02x\n", header8900.footerCertOffset );
rintf( "[*] footer certificate length\t: 0x%02x\n", header8900.footerCertLen );
rint_hex( "[*] header key 1\t\t: ", header8900.key1, sizeof( header8900.key1 ) );
rint_hex( "[*] header key 2\t\t: ", header8900.key2, sizeof( header8900.key2 ) );
Advertisement
/memset( keybuf, 0, 32 );
//memcpy( keybuf, header8900.key1, 32 );
onvert_hex(ramdiskKey, aes_key, 16);
ES_set_decrypt_key( aes_key, 128, &aes_decrypt_key );
emset( iv, 0, AES_BLOCK_SIZE );
/memcpy( iv, header8900.key2, 16 );
seek( infile, data_begin, SEEK_SET );
/printf("dataend: %d\n", data_len);
ata_current=0; hile( fread( &inbuf, 1, AES_BLOCK_SIZE, infile ) > 0 & data_current<data_len)
AES_cbc_encrypt( inbuf, outbuf, AES_BLOCK_SIZE, &aes_decrypt_key, iv, AES_DECRYPT ); fwrite( outbuf, 1, AES_BLOCK_SIZE, outfile ); data_current = data_current + AES_BLOCK_SIZE; }
f( infile ) fclose( infile ); f( outfile ) fclose( outfile ); eturn 0;
}
Useful Scripts
You can see list of scripts other users found useful.
For more tips, see also FAQs on scripting.